IT Auditor

This role reports directly to the Chief Audit Executive of RMB Nigeria. The IT Auditor will provide assurance on the adequacy and effectiveness of risk management and control over IT Systems and Platforms, General IT Controls, CAATs and Projects. Furthermore, to take accountability for the management and development of the IT audit skills and to provide consulting services to the clients.

IT audits cover the following subjects matters: IT and cybersecurity reviews, IT service providers reviews, Business Continuity Management and Disaster Recovery, Project Management, Pre and Post implementation reviews for IT projects, Change Management, Logical Access Management, IT Governance, Data Backup, Cloud Computing, IT Operations, and reviews for Industry/Regulatory compliance (SWIFT/PCI-DSS).

The successful candidate will be responsible for:

• Delivering Assurance and Consulting Services.
• Providing assurance on the adequacy and effectiveness of risk management and controls over IT systems and platforms, general IT controls, data analysis, and projects.
• Working collaboratively and identifying opportunities, and driving integrated audit approaches between process audit and IT audit according to the timeliness agreed with the audit committee, etc.
• Staying abreast of emerging technologies, industry trends, and regulatory requirements impacting IT audit practices.
• Evaluating and conducting reviews on a range of Hardware, Operating Systems, Databases, Network Infrastructure, and applications.
• Performing control reviews on systems development, operations, programming, control, and security procedures and standards.
• Reviewing system backup, disaster recovery and maintenance procedures.
• Ensuring audits are completed in accordance with the Group Internal Audit methodology and audit standards as prescribed by the Institute of Internal Auditors.
• Performing individual audits in respect of the risks and controls on the process being audited, and advising on technical, methodology, and statutory issues.
• Discussing the draft report with the auditee, finalizing management comments, action plans, and target dates for implementation.
• Facilitating dispute resolution with line management, if required.
• Working closely with the RMB Nigeria Group Internal Audit team and the Group and Brader Africa IT auditors.
• Expressing an audit opinion on the acceptability of the residual risk in the process under review.
• Driving relationships with the customer base and ensuring that customers are provided with world‑class perspectives and solutions.
• Conducting process audit as assigned by the Chief Audit Executive from time to time.
• Carrying out other duties and investigations as directed by the Chief Audit Executive.

• 4 years’ experience in IT audit, process audit, risk management, or technology assurance.
• Extensive experience and knowledge on General Controls Review, Application Controls Review, CAATS, and Project Auditing are a prerequisite.
• Strong understanding of IT governance frameworks, compliance standards, regulatory frameworks, and cybersecurity principles.
• Bachelor’s degree in information systems or a related field.
• Professional certifications: ACCA, CISA, CRISC, CISSP, ISO 27001 Lead Auditor (advantageous).
• Proficiency in audit analytics tools, Power BI, and the Microsoft Office suite.

• Customer Service Orientation
• Analysis and attention to detail
• Time and Self-Management
• Drive and results orientation
• Verbal and written communication
• Leading and Supervising

Take note that applications will not be accepted on the below date and onwards, kindly submit applications ahead of the closing date indicated below.

31/01/26

All appointments will be made in line with FirstRand Group’s Employment Equity plan. The Bank supports the recruitment and advancement of individuals with disabilities. In order for us to fulfill this purpose, candidates can disclose their disability information on a voluntary basis. The Bank will keep this information confidential unless we are required by law to disclose this information to other parties.